10042 matches found

Cvelist
added 2020/12/03 11:15 a.m., 33 views

CVE-2020-5679

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. If a user accesses a specially crafted page while logged into the administrative page, unintended operations may be conducted...

AI score: 6.3, EPSS: 0.00655
Exploits: 0, References: 2
RedHat Linux
added 2020/12/01 3:08 p.m., 4 views

lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c

A buffer overflow was found in the lldp_decode function in daemon/protocols/lldp.c in lldpd. This flaw allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. This threatens the...

CVSS: 9.8, AI score: 6.4, EPSS: 0.05448
Exploits: 0, References: 6
RedHat Linux
added 2020/12/01 3:07 p.m., 4 views

lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c

A buffer overflow was found in the lldp_decode function in daemon/protocols/lldp.c in lldpd. This flaw allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. This threatens the...

CVSS: 9.8, AI score: 6.4, EPSS: 0.05448
Exploits: 0, References: 6
Fedora
added 2020/12/01 1:13 a.m., 14 views

[SECURITY] Fedora 32 Update: libuv-1.39.0-1.fc32

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all platform differences in this library...

AI score: 2.3
Exploits: 0
BDU FSTEC
added 2020/12/01 12:00 a.m., 5 views

The vulnerability of the SSL/TLS module of Cisco Adaptive Security Appliance’s network firewall allows an attacker to cause a service failure.

The vulnerability of the SSL/TLS module of the Cisco Adaptive Security Appliance software lies in errors during initialization of pointers. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS: 8.6, AI score: 5.5, EPSS: 0.00883
Exploits: 0, References: 3, Affected Software: 1
Tenable Nessus
added 2020/12/01 12:00 a.m., 29 views

Juniper Junos OS EX4300-MP/EX4600/QFX5K Series DoS (JSA11086)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11086 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. TRUSTED...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00498
Exploits: 0, References: 2
OSV
added 2020/12/01 12:00 a.m., 2 views

UBUNTU-CVE-2020-13987

An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c...

CVSS: 7.5, AI score: 6.6, EPSS: 0.03194
Exploits: 0, References: 5
OSV
added 2020/11/23 7:15 p.m., 1 views

UBUNTU-CVE-2020-28896

Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials...

CVSS: 5.3, AI score: 5.8, EPSS: 0.02323
Exploits: 0, References: 6
Opera Security Advisories
added 2020/11/20 12:00 a.m., 8 views

What is the TLS padlock saying?

November 20th, 2020. Alice and Bob use TLS to keep their long distance relationship hot and private. TL;DR: skip to the conclusions to see what Alice learned. The Privacy Problem: Alice and Bob had to turn their relationship into a long distance one...

CVSS: 8.8, AI score: 6.7, EPSS: 0.05036
Exploits: 4, References: 1
BDU FSTEC
added 2020/11/19 12:00 a.m., 4 views

The vulnerability of the TLS session handler in Cisco Firepower Threat Defense (FTD) and Cisco Adaptive Security Appliance (ASA) allows attackers to gain unauthorized access to protected information.

The vulnerability of TLS session handler microprogramming software for Cisco Firepower Threat Defense and Cisco Adaptive Security Appliance is related to information disclosure due to incompatibility issues. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to...

CVSS: 5.3, AI score: 6.3, EPSS: 0.01239
Exploits: 0, References: 2, Affected Software: 2
IBM Security Bulletins
added 2020/11/18 3:08 p.m., 15 views

Security Bulletin: TLS Protocol DHE_EXPORT Ciphers Downgrade MitM (Logjam) vulnerability in IBM Cloud Pak for Data Streams

Summary: The Transport Layer Security (TLS) protocol contains a flaw that is triggered when handling Diffie-Hellman key exchanges defined with the DHE_EXPORT cipher. A man-in-the-middle attacker may be able to downgrade the session to use EXPORT_DHE cipher suites. Thus, it is recommended to remove...

AI score: 1.5
Exploits: 0, Affected Software: 1
OSV
added 2020/11/18 8:15 a.m., 10 views

CVE-2020-28915

A buffer over-read at the framebuffer layer in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def...

CVSS: 5.8, AI score: 6.6
Exploits: 0, References: 5
CVE
added 2020/11/18 7:59 a.m., 274 views

CVE-2020-28915

CVE-2020-28915 is a Linux kernel vulnerability in the fbcon framebuffer code, where a buffer over-read before 5.8.15 could allow a local attacker to read kernel memory. The issue is caused by improper bounds handling in the framebuffer font-related path used by fbcon. Affected fix: upstream patch...

CVSS: 6.1, AI score: 6.3, EPSS: 0.00374
Exploits: 0, References: 5, Affected Software: 1
BDU FSTEC
added 2020/11/18 12:00 a.m., 4 views

The vulnerability of the packet filtering function of the Cisco IOS XE operating system, which allows a hacker to bypass L2 and L4-level filters

The vulnerability of the packet filtering function in the Cisco IOS XE operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to bypass L2 and L4 filters remotely...

CVSS: 5.8, AI score: 6.4, EPSS: 0.01476
Exploits: 0, References: 2, Affected Software: 2
Prion
added 2020/11/12 2:15 a.m., 33 views

Design/Logic Flaw

A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource...

CVSS: 7.8, AI score: 8.5, EPSS: 0.01878
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2020/11/12 2:05 a.m., 11 views

CVE-2020-26070 Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers Slow Path Forwarding Denial of Service Vulnerability

A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper resource...

CVSS: 8.6, AI score: 7.3, EPSS: 0.01878
Exploits: 0, References: 1
Tenable Nessus
added 2020/11/12 12:00 a.m., 39 views

Oracle Linux 8 : SDL (ELSA-2020-4627)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4627 advisory. 1.2.15-38 - fix CVEs - Resolves: rhbz1716209, rhbz1716210, rhbz1716211, rhbz1716212, rhbz1716213, rhbz1716214, rhbz1716215, rhbz1716216, rhbz1716217,...

CVSS: 8.8, AI score: 6.7, EPSS: 0.03299
Exploits: 11, References: 12
Talos
added 2020/11/12 12:00 a.m., 123 views

Pixar OpenUSD SDF layer path remote code execution

Summary: A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. A specially crafted file can trigger the reuse of freed memory, which can result in further memory corruption and arbitrary code execution. To trigger this vulnerability, the...

CVSS: 8.8, AI score: 8.5, EPSS: 0.02682
Exploits: 1
BDU FSTEC
added 2020/11/10 12:00 a.m., 3 views

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense, a microprogramming-based network device for SSL/TLS session processors, allows attackers to induce service failures.

The vulnerability of Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense’s SSL/TLS session processors involves uncontrolled resource consumption. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by initiating multiple SSL/TLS sessions and...

CVSS: 8.6, AI score: 7.6, EPSS: 0.01742
Exploits: 0, References: 3, Affected Software: 2
BDU FSTEC
added 2020/11/10 12:00 a.m., 2 views

The vulnerability of the SSL/TLS microprogramming software-based network interface controllers in Cisco Firepower Threat Defense allows attackers to induce service failures.

The vulnerability of Cisco Firepower Threat Defense’s SSL/TLS microprogramming system check mechanisms arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to cause service failure by sending a specially crafted and corrupted...

CVSS: 8.6, AI score: 7.8, EPSS: 0.01788
Exploits: 0, References: 3, Affected Software: 1